CVSS3
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
51.5%
Software: grub2 2.02
OS: rosa-server79
package_evr_string: grub2-2.02-0.87
CVE-ID: CVE-2022-28733
BDU-ID: 2022-03372
CVE-Crit: HIGH
CVE-DESC: A vulnerability in the grub_net_recv_ip4_packets function of the Grub operating systems bootloader program is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code by sending specially crafted IP packets
CVE-STATUS: Resolved
CVE-REC: To close, run the yum update command